<VirtualHost *:80>
    ServerName {{ domain_name }}
    ServerAlias {{ domain_name }} www.{{ domain_name }}

    DocumentRoot {{ project_root }}/public_html
    DirectoryIndex index.html

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://www.{{ domain_name }}/$1 [R=301,L]
</VirtualHost>

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerName {{ domain_name }}
        ServerAlias {{ domain_name }} www.{{ domain_name }}

        DocumentRoot {{ project_root }}/public_html
        DirectoryIndex index.html

        SSLEngine on
        {% if letsencrypt_email %}
        SSLCertificateFile /etc/letsencrypt/live/{{ domain_name }}/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/{{ domain_name }}/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/{{ domain_name }}/chain.pem
        {% else %}
        SSLCertificateFile    /etc/ssl/certs/server.crt
        SSLCertificateKeyFile /etc/ssl/private/server.key
        {% endif %}

        RewriteEngine On
        RewriteCond %{HTTP_HOST} !^www\. [NC]
        RewriteRule ^(.*)$ https://www.{{ domain_name }}%{REQUEST_URI} [R=301,L]

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        AliasMatch ^/.well-known/(.*) "/var/www/letsencrypt/$1"
        AliasMatch ^/media/(.*) "{{ python_path }}/media/$1"
        AliasMatch ^/static/\d+/(.*) "{{ python_path }}/static/$1"

        <Directory "/var/www/letsencrypt">
            Require all granted
        </Directory>

        <Directory "{{ python_path }}/media">
            Require all granted
            ExpiresActive On
            ExpiresDefault "access plus 1 year"
        </Directory>

        <Directory "{{ python_path }}/static">
            Require all granted
            ExpiresActive On
            ExpiresDefault "access plus 1 year"
        </Directory>

        <IfModule wsgi_module>
            WSGIDaemonProcess {{ domain_name }} python-home={{ project_root }}/env python-path={{ python_path }} processes=6 threads=1 request-timeout=1500 response-socket-timeout=15 display-name=%{GROUP} user={{ user_username }} group=webapps
            WSGIProcessGroup {{ domain_name }}
            WSGIScriptAlias / {{ python_path }}/myproject/{{ wsgi_file_name }} process-group={{ domain_name }}
            <Directory "{{ python_path }}/myproject/">
                <Files {{ wsgi_file_name }}>
                    Require all granted
                </Files>
            </Directory>
        </IfModule>

    </VirtualHost>
</IfModule>
